Open Source Software Community - it's about ethics in Code of Conducts

[General Zoider]

This. Not only it prevents your home IP from leaking, it lets you have a client connected 24/7 (IRC is ephemeral and only some servers offer a backlog on join, so if you are offline, you dont get messages), and you can set up some funny reverse DNS for your server's IP.

plus if you use something like https://sdf.org/ you can actually get dialup internet.

 

[The Real Slim Shady]

I don't think any IRC networks allow FServs anymore, so the era of DCC sharing are pretty much gone. Most of that stuff has moved to torrents.

FServers are still up, but I think they just forgot to turn the bots off, because what the fuck am i supposed to do with a 128kbps MP3 of an album that I can get in FLAC from the pirate bay?

Fantastic. so to exercise the most basic in security, I need to use another server or a vpn or something besides my own fucking network and a client just so I don't leak something that isn't a problem on xmpp or matrix? you're really making solid points here

IRC is designed towards a different use case. You do not need to specifically host this server yourself. There are a few options
1. You get a shell account and leave a text IRC client hanging inside tmux,
2. You make an account on some bouncer server, like ZNC and then use whatever client on your PC, laptop, phone and smart microwave oven. The bouncer provides backlog so you know what happened where you were offline. This is in my opinion the best option, UX wise.
2a. you set up bridges to other text protocols, like discord, or telegram, creating a heterogenous network. That's handy for switching between PC and mobile use.
3. You set #1 up by yourself on some server you have at hand

I havent used XMPP so I can't speak about it, but I used matrix for about 2 weeks and the general idea of storing messages in a block chain does not sit well with me.

Spoiler: Learn more

The main issue is non-erasability and permanent (by design) storage of messages. This is a liability for everyone on the channel including the server owner, if a malicious user uploads some illegal content you now have copies of it on every device that was joined, and you cannot erase them otherwise than deleting the entire channel.
Deleting messages by issuing a "deletion request" is also an anti-feature. In typical communicators a deleted message is deleted. Of course, someone can have a hacked client that does not honor these requests, so once something is online, you should treat it as forever online. But in case of traditional communicators I need to have a malicious intent to keep the deleted messages. In Matrix, they are stored forever, by design. This makes every channel participant a potential informant if their device is seized and dumped.

TLDR Matrix architecture is glownigger wet dream. It's as little-decentralized as possible and leaves a trail of every message.
Use IRC+SSL, use your brain.

 

[Ferryman]

The main issue is non-erasability and permanent (by design) storage of messages. This is a liability for everyone on the channel including the server owner, if a malicious user uploads some illegal content you now have copies of it on every device that was joined, and you cannot erase them otherwise than deleting the entire channel.
Deleting messages by issuing a "deletion request" is also an anti-feature. In typical communicators a deleted message is deleted. Of course, someone can have a hacked client that does not honor these requests, so once something is online, you should treat it as forever online. But in case of traditional communicators I need to have a malicious intent to keep the deleted messages. In Matrix, they are stored forever, by design. This makes every channel participant a potential informant if their device is seized and dumped.

Isn't this the problem people have with Hyphanet as well? I'm only speaking from a passing knowledge of how it works, but IIRC it is similar to how torrents work, as in "Each Hyphanet user shares bandwidth and disk space to store files (data store), which makes Hyphanet very resistant to censorship."; If I understand this correctly, stuff stored locally is encrypted and temporary(?) so the risk is theoretically lesser, correct?

 

[HootersMcBoobies]

"Each Hyphanet user shares bandwidth and disk space to store files (data store), which makes Hyphanet very resistant to censorship.";

I was about to say that sounds very similar to FreeNet, and then I looked it up and realized that is the new name for Freenet. Didn't realize they rebranded. There have been several papers about breaking anonymization on the FreeNet protocol like this one:

https://ieeexplore.ieee.org/document/10621209

..and yes, you could be serving some really bad content without knowing it. It's better than the ZeroNet concept that used torrents for distributed websites. On there you could easily unknowingly server illegal content in a totally non-anonymous way. It was designed around reliance and not anonymity, but it had a bunch of security issues the creator refused to fix, went unmaintained and all the trackers died and I'm pretty sure it's still a dead project.

 

[Ralph Epperson]

I was curious about Automotive Grade Linux and got MATI when I saw this troon talk, genuinely one of the worst on-stage tech talks I've seen.

"I only have 10 minutes so I'll try to make it kinda quick and compact" so I'll spend 11 minutes to say:
6:19 Decoupling is better than using a monolith.
8:16 We're using KWin.

That's all the substance. Other than that it's just shitty jokes and saying "Wayland" a bunch. What a load of nothing. Victoria Fischer is an engineering lead for a team at Qt: "the HMI Enablers, [which] are delivering an entire UX platform on top of Qt and Wayland at tremendous speed", and this is all you have to say about it? No demo, not a word about UI design, nothing about interesting trade-offs, nothing about challenges they still face, nothing about decisions they've made, nothing to encourage the room full of FOSS developers to contribute. Just nothing.

Getting Linux into cars is important and this retard seems so blatantly unserious about it. In the video description they gloat about his technical expertise and none of it is communicated during the talk.

I also found this talk, which is quite good and more in line with what I expected.

 

[prollyanotherlurker]

A humorous story from lunduke. Then of course at the end he's implying he wants signal to shut down these groups. I don't get how people like him don't understand why Signal allowing groups like these, even when you don't like the people in them is important. ( I mean he's a jew that doesn't really care about free speech, so its not surprising)

I think these ice protesters are retards. And some have been doing things I personally find disgusting. Like going into a church to scream at the pastor because he was either ICE or accused of being ICE at least. Really I'm against them in every sense.

But platforms allowing groups that are controversial is important. It doesn't matter if I think they're retards that fell for reddit disinformation, and others are soros paid protesters. The point is, you have to have principles sometimes, and just like I wouldn't want them to shut down another group, I don't want platforms to step in and shutdown these (it wouldn't stop them anyway, they would just go further underground). Of course someone like Lunduke just pretends to care about "free speech" when it's beneficial to him, or keeping politics out of tech for that matter, he forgets about how many times he's said that as soon as he wants his politics in tech. He just says shit with no actual meaning behind it, that he will contradict a few videos later.

 

[Markass the Worst]

A humorous story from lunduke. Then of course at the end he's implying he wants signal to shut down these groups. I don't get how people like him don't understand why Signal allowing groups like these, even when you don't like the people in them is important. ( I mean he's a jew that doesn't really care about free speech, so its not surprising)

Can Signal even do anything about it? Everything is end-to-end encrypted so the servers can't even see which groups exist.

 

[prollyanotherlurker]

Can Signal even do anything about it? Everything is end-to-end encrypted so the servers can't even see which groups exist.

I think it would probably be difficult for them to do anything. If they can at all. But idk for sure.

 

[The Mass Shooter Ron Soye]

https://preservetube.com/watch?v=YUCVVXlFHpw (mega)

Thanks, Obama.

https://datatracker.ietf.org/person/andy@hxr.us (archive) (mega)
https://www.linkedin.com/in/rcode3/ (archive)
https://github.com/anewton1998 (archive) (mega)
https://codeberg.org/rcode3 (archive) (mega)
https://codeberg.org/rcode3/make_lunduke_angry (archive) (mega)
https://codeberg.org/rcode3/make_lunduke_angry/src/branch/main/preso.md (archive - blocked as AI scraper) (ghost) (mega) - This appears to be the full presentation from the video in text form.
https://blog.rcode3.com/blog/ (archive) (mega)
https://blog.rcode3.com/blog/page/2/ (archive) (mega)
https://blog.rcode3.com/about/ (archive) (mega)

https://novalug.org/ (archive) (mega)
https://novalug.org/news/ (archive) (mega)
https://akk.novalug.org/tech-news (archive) (mega)
https://akk.novalug.org/notice/B287VU6OISrU5h71bk (archive) (mega)

(Note: People I don't like are controversial.)

https://akk.novalug.org/users/andy (archive) (mega)

This seems to be the origin of his (current) seething: LINKED. LISTS.
https://akk.novalug.org/notice/B12j5BkYUY459WVoCe (archive) (mega)

Spoiler

Similar to my usage of linked lists are the number of times I have commented on a YouTube video. But I did on his video, probably because it made me dumber by watching it. My comment was straightforward and just a link to the rust kernel docs. He deleted it within 5 minutes.

YouTube infamously deletes/hides comments for no discernible reason, but maybe Lunduke did sweep it up. Tough to say.

https://akk.novalug.org/notice/B0Rd1MPGxEt1z9g3pw (archive) (mega)

Spoiler: Extra posts

https://akk.novalug.org/notice/AzXGcGkll2OTMvbh1k (archive) (mega)

(PreserveTube "live" video error, but it may be too large anyway) (mega)



I have it downloaded, but it's probably a waste to upload it here. Text is somewhat legible at 480p30 (~206 MB), much easier to read at full 1080p60 (~881 MB).

 

[ScooterL]

A thread about discussing recommended/cool Open source software that people can post and download?

Isn't that just https://kiwifarms.st/threads/software-endorsements.38657 ?

 

[prollyanotherlurker]

Thanks, Obama.

You know what I think more chuds should learn rust. We need to get a made by chuds for chuds library into the rust ecosystem. And make sure it's something good enough that everyone uses it by default. Like how all of them use the Tokyo library.

Not to do anything nefarious. Just to rub it in.

 

[The Mass Shooter Ron Soye]

You know what I think more chuds should learn rust. We need to get a made by chuds for chuds library into the rust ecosystem. And make sure it's something good enough that everyone uses it by default. Like how all of them use the Tokyo library.

Not to do anything nefarious. Just to rub it in.

We've already got the final boss of programming sock wearers using Rust, a good start.

Continuing to edit the above comment with stuff, but that's the meat of it.

 

[Ferryman]

I've been meaning to get a CLI slpbot going but they all seem hilariously insecure. OpenCode, Claude Code & agent-shell all expect arbitrary command exec and read/write to actually work & posts like this make it seem like they can do pretty grim shit if you aren't proompting to the letter. Docker seems to have a sandboxing solution to the issue, but it still fells insufficient. Docker sandbox + bubblewrap + guix shell might work if overhead isn't too huge. I do not understand how people are fine giving bots arbitrary filesystem access for muh "massive productivity gains", theocucks are in a GRIM state.

 

[The Mass Shooter Ron Soye]

I've been meaning to get a CLI slpbot going but they all seem hilariously insecure. OpenCode, Claude Code & agent-shell all expect arbitrary command exec and read/write to actually work & posts like this make it seem like they can do pretty grim shit if you aren't proompting to the letter. Docker seems to have a sandboxing solution to the issue, but it still fells insufficient. Docker sandbox + bubblewrap + guix shell might work if overhead isn't too huge. I do not understand how people are fine giving bots arbitrary filesystem access for muh "massive productivity gains", theocucks are in a GRIM state.

I thought about that when Operator was launched (does anyone use that?). Spend $100 on a "thin client" tier computer, and Let It Go.

If these things are doing more than coooooding and deleting all your files, then set the agentically compromised PC to connect only to a VPN running on your router or a different PC on the network. So if it tries to fuck with the network settings it just gets disconnected from the Internet.

 

[Ralph Epperson]

YouTube infamously deletes/hides comments for no discernible reason, but maybe Lunduke did sweep it up. Tough to say.

My comment was straightforward and just a link to the rust kernel docs.

Any URL posted in youtube comments gets shadowbanned (i.e. your comment gets deleted but it's still visible on your end). Some youtube comment shadowbans are vague and open for speculation, this one is not.

It's frustrating how relatively unknown youtube's automatic comment filtering is. People don't notice their chains until they try to move.

 

[The Mass Shooter Ron Soye]

Any URL posted in youtube comments gets shadowbanned (i.e. your comment gets deleted but it's still visible on your end). Some youtube comment shadowbans are vague and open for speculation, this one is not.

It's frustrating how relatively unknown youtube's automatic comment filtering is. People don't notice their chains until they try to move.

I glossed over the link detail entirely! Many users have been pissed off at a 'tuber because of YouTube's dystopian shadowbanning. You see the complaints in the comments, sometimes video/community posts addressing it and explaining, "I don't delete comments, ain't nobody got time for that".

Just ONE of YouTube's stupid policies causes ragequitting and Internet blood feuds. It's possible that 91 minute presentation wouldn't exist if the comment had stayed up.

 

[Outer Space Traveller]

https://preservetube.com/watch?v=YUCVVXlFHpw (mega)

Thanks, Obama.

This is how you ruin an entire infrastructure, just to "own" someone you don't like. Who thought having people like this was a good idea?

 

[AnOminous]

A humorous story from lunduke. Then of course at the end he's implying he wants signal to shut down these groups. I don't get how people like him don't understand why Signal allowing groups like these, even when you don't like the people in them is important.

Even if you didn't believe in free speech, all it takes is one glowie in the Signal group to get the plans of the criminals. So shutting them down could actually have negative effects on investigation.

 

[Ferryman]

I thought about that when Operator was launched (does anyone use that?). Spend $100 on a "thin client" tier computer, and Let It Go.

If these things are doing more than coooooding and deleting all your files, then set the agentically compromised PC to connect only to a VPN running on your router or a different PC on the network. So if it tries to fuck with the network settings it just gets disconnected from the Internet.

Yep, that's gonna be the play methinks. I have a Pi 5 catching dust on a shelf so I'll be rigging it to have just the CLI interface on it so I can use it via ssh from emacs. Its +1 degree of separation from just copy pasting code in and out of a browser, but having everything almost inline feels cleaner.

 

[Hakase Shinonome]

X Open Sources their For You algorithm.



Uses mostly Rust and Python.